« | Home | Categories | »

Samsung Galaxy back-door allows for over-the-air filesystem access

Posted on March 13th, 2014 at 11:36 by John Sinteur in category: Security -- Write a comment


Developers from the Replicant project (a free Android offshoot) have documented a serious software back-door in Samsung’s Android phones, which “provides remote access to the data stored on the device.” They believe it is “likely” that the backdoor could provide “over-the-air remote control” to “access the phone’s file system.”

At issue is Samsung’s proprietary IPC protocol, used in its modems. This protocol implements a set of commands called “RFS commands.” The Replicant team says that it can’t find “any particular legitimacy nor relevant use-case” for adding these commands, but adds that “it is possible that these were added for legitimate purposes, without the intent of doing harm by providing a back-door. Nevertheless, the result is the same and it allows the modem to access the phone’s storage.”

previous post: 8 pronunciation errors that made the English language what it is today

next post: Why you might not want to incorporate in the USA